|
|
|
|
|
|
by chrisxcross
3644 days ago
|
|
|
Google does the same. They regularly send your password to their server to rate it. A curl-example is provided below. I think I already noticed that some websites used googles api to do the rating of passwords on their website but I can't recall where I saw it. curl 'https://accounts.google.com/RatePassword' -H 'Content-Type: application/x-www-form-urlencoded' --data 'Passwd=jbcfaihrwefgbGWETZHGAESjbnajfcw24704%$§&%§!vf&Emailnotme@useless.domain=&FirstName=Hacker&LastName=News' or another endpoint: curl 'https://accounts.google.com/InputValidator?resource=SignUp' -H 'Content-Type: application/json' -d '{"input01":{"Input":"Passwd","Passwd":"GoogleBatteryHorseStaple","PasswdAgain":"GoogleBatteryHorseStaple","FirstName":"Hacker","LastName":"News","GmailAddress":"i-have@none.yet"},"Locale":"en"}' |
|
|
"Sending each character of your password to the server, before you explicitly agree to submit" is quite another.